<?php
if (isset($_GET["path"])) {
	include("class.base.php");
	$_GET["path"] = str_replace("..", "", $_GET["path"]);
	if (!strstr($_GET["path"], 'KASIKIRI_PATH/') && !strstr($_GET["path"], 'PHOTO_PATH/') || !sisse_logitud()) {
		header("HTTP/1.0 404 Not Found"); die();
	}
	$fullImagePath = str_replace(array('KASIKIRI_PATH/', 'PHOTO_PATH/'), array(KASIKIRI_PATH, PHOTO_PATH), $_GET["path"]);
	$originalFileName = array_reverse(explode("/", $fullImagePath));
	header('Content-Type: image/jpeg');
	header('Content-Disposition: inline; filename="'.$originalFileName[0].'"');
	header('Last-Modified: '.date("D, d M Y H:i:s T", filemtime($fullImagePath)));
	header('Content-Length: '.filesize($fullImagePath));
	readfile($fullImagePath);
}
?>